• Home
  • Fortify Application Defender vs. GitGuardian Public Monitoring

Fortify Application Defender vs GitGuardian Public Monitoring comparison

Cancel
You must select at least 2 products to compare!
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Application Security Tools
April 2024
Executive Summary

We performed a comparison between Fortify Application Defender and GitGuardian Public Monitoring based on real PeerSpot user reviews.

Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Application Security Tools.
To learn more, read our detailed Application Security Tools Report (Updated: April 2024).
Download the complete report
767,847 professionals have used our research since 2012.
Featured Review
HisaoOgata
Saves time and warns about the vulnerabilities in the software, but the false positive rate should be lower
Based on the alerts created by the solution during development, we modify the software we are developing.
Mary Loup
Helps us prioritize remediation tasks efficiently, improves our overall security visibility, and is effective in...
GitGuardian Public Monitoring's detection capabilities are good. I'm still learning the ropes of using some search techniques. However, it's... Read more →
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The information from Fortify Application Defender on how to fix and solve issues is very good compared to other solutions.""The most valuable features of Fortify Application Defender are the code packages that are default.""Fortify Application Defender's most valuable features are machine learning algorithms, real-time remediation, and automatic vulnerability notifications.""We are able to provide out customers with a secure application after development. They are no longer left wondering if they are vulnerable to different threats within the market following deployment.""Its ability to find security defects is valuable.""The most valuable feature is the ability to automatically feed it rules what it's coupled with the WebInspect dynamic application scanning technology.""The solution helped us to improve the code quality of our organization.""The most valuable feature is that it analyzes data in real-time."

More Fortify Application Defender Pros →

"The Explore function is valuable for finding specific things I'm looking for.""One thing I really like about it is the fact that we can add search words or specific payloads inside the tool, and GitGuardian will look into GitHub and alert us if any of these words is found in a repository... With this capability in the tool, we have good surveillance over our potential blind spots."

More GitGuardian Public Monitoring Pros →

Cons
"The solution could improve the time it takes to scan. When comparing it to SonarQube it does it in minutes while in Fortify Application Defender it can take hours.""The workbench is a little bit complex when you first start using it.""Fortify Application Defender could improve by supporting more code languages, such as GRAAS and Groovy.""Support for older compilers/IDEs is lacking.""The biggest complaint that I have heard concerns additional platform support because right now, it only supports applications that are written in .NET and Java.""I encountered many false positives for Python applications.""The false positive rate should be lower.""The solution is quite expensive."

More Fortify Application Defender Cons →

"I'm excited about the possibility of Public Postman scanning being integrated with GitGuardian in the future. Additionally, I'm interested in exploring the potential use of honeytokens, which seems like a compelling approach to lure and identify attackers.""I would like to see improvement in some of the user interface features... When one secret is leaked in multiple files or multiple repositories, it will appear on the dashboard. But when you click on that secret, all the occurrences will appear on the page. It would be better to have one secret per occurrence, directly, so that we don't have to click to get to the list of all the occurrences."

More GitGuardian Public Monitoring Cons →

Pricing and Cost Advice
  • "The base licensing costs for the SaaS platform is about $900 USD per application, per year."
  • "The price of this solution could be less expensive."
  • "The licensing is very complex, it's project based and can range from $10,000 to $200,000+ depending on the project type and size."
  • "Fortify Application Defender is very expensive."
  • "The product’s price is much higher than other tools."

    • More Fortify Application Defender Pricing and Cost Advice →

  • "It's a bit expensive, but it works well. You get what you pay for."

    • More GitGuardian Public Monitoring Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Application Security Tools solutions are best for your needs.
    See Recommendations
    767,847 professionals have used our research since 2012.
    Questions from the Community
    What do you like most about Fortify Application Defender?
    Top Answer:The tool's most valuable feature is software composition analysis. This feature works well with my .NET applications, providing a better understanding of library vulnerabilities.
    Read all 10 answers   →
    What needs improvement with Fortify Application Defender?
    Top Answer:I encountered many false positives for Python applications.
    Read all 10 answers   →
    What is your primary use case for Fortify Application Defender?
    Top Answer:I use Fortify to analyze projects in .NET languages.
    Read all 9 answers   →
    What do you like most about GitGuardian Public Monitoring?
    Top Answer:The Explore function is valuable for finding specific things I'm looking for.
    Read all 2 answers   →
    What is your experience regarding pricing and costs for GitGuardian Publi...
    Top Answer:It's a bit expensive, but it works well. You get what you pay for. You get something that is fully managed with a lot of features, and a tool that is very efficient.
    What needs improvement with GitGuardian Public Monitoring?
    Top Answer:I'm excited about the possibility of Public Postman scanning being integrated with GitGuardian in the future. Additionally, I'm interested in exploring the potential use of honeytokens, which seems… more »
    Read all 2 answers   →
    Ranking
    34th
    out of 74 in Application Security Tools
    Views
    1,977
    Comparisons
    1,670
    Reviews
    3
    Average Words per Review
    282
    Rating
    6.3
    27th
    out of 74 in Application Security Tools
    Views
    241
    Comparisons
    98
    Reviews
    2
    Average Words per Review
    1,292
    Rating
    9.0
    Comparisons
    Also Known As
    HPE Fortify Application Defender, Micro Focus Fortify Application Defender
    Learn More
    OpenText
    GitGuardian
    Video Not Available
    Overview

    Micro Focus Security Fortify Application Defender is a runtime application self-protection (RASP) solution that helps you manage and mitigate risk from homegrown or third-party applications. It provides centralized visibility into application use and abuse while protecting from software vulnerability exploits and other violations in real time.

    GitGuardian Public Monitoring allows real-time GitHub scanning and alerting to uncover sensitive company information hiding in online repositories. It monitors both organization repositories and developers' personal repositories. The solution gives visibility to developers and security teams on this very critical blindspot that are the organization developers' personal repositories on GitHub (80% of leaked corporate secrets on public GitHub come from developers’ personal repositories).

    GitGuardian Public Monitoring is particularly interesting for companies with large development teams (above 200 developers) and modern development practices.

    GitGuardian Public Monitoring cover 350+ API providers, database connection strings, private keys, certificates, usernames and passwords and intellectual property. It uses sophisticated pattern matching techniques to detect credentials that cannot be strictly defined with a distinctive pattern (like unprefixed credentials). The algorithm has a high precision (91% “true positive” feedback following our alerts, as reported by our users.)

    The alerting is done in real-time (a few seconds after the secret was publicly exposed) which allows fast remediation involving in a collaborative way developers, security teams and operations.

    GitGuardian Public Monitoring also allows red teams and pentesters to proactively look for sensitive information by performing complex queries on 12 billion documents and metadata from more than 3 years of GitHub history.

    GitGuardian Public Monitoring scans public GitHub activity in real-time, helping organizations detect sensitive information leaks in source code repositories. Our solution gives Threat Intelligence and Security teams full visibility over their organization’s public GitHub Attack Surface, by monitoring both organization-owned repositories and developers' personal repositories.

    With 80% of secrets and credentials leaks on public GitHub finding their source in developers' personal repositories, GitGuardian for Public Monitoring helps organizations address a critical security blind spot.

    With real-time incident notification, Threat Intelligence and Security teams are guaranteed to reach the incident scene before everyone else and take action to mitigate the threat of breaches and intrusions.

    Sample Customers
    ServiceMaster, Saltworks, SAP
    Align Technology, Automox, Fred Hutch, Instacart, Maven Wave, Mirantis, SafetyCulture, Snowflake, Talend
    Top Industries
    REVIEWERS
    Computer Software Company29%
    Logistics Company14%
    Energy/Utilities Company14%
    Comms Service Provider14%
    VISITORS READING REVIEWS
    Financial Services Firm21%
    Computer Software Company14%
    Manufacturing Company12%
    Government8%
    No Data Available
    Company Size
    REVIEWERS
    Small Business40%
    Midsize Enterprise10%
    Large Enterprise50%
    VISITORS READING REVIEWS
    Small Business12%
    Midsize Enterprise14%
    Large Enterprise74%
    No Data Available
    Buyer's Guide
    Application Security Tools
    April 2024
    Download Free Report
    Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Application Security Tools. Updated: April 2024.
    DOWNLOAD NOW
    767,847 professionals have used our research since 2012.

    Fortify Application Defender is ranked 34th in Application Security Tools with 10 reviews while GitGuardian Public Monitoring is ranked 27th in Application Security Tools with 2 reviews. Fortify Application Defender is rated 8.0, while GitGuardian Public Monitoring is rated 9.0. The top reviewer of Fortify Application Defender writes "Reliable solution with excellent machine learning algorithms but expensive and lacking support". On the other hand, the top reviewer of GitGuardian Public Monitoring writes "Helps us prioritize remediation tasks efficiently, improves our overall security visibility, and is effective in detecting and alerting us to security leaks quickly". Fortify Application Defender is most compared with Checkmarx One, Coverity, CAST Application Intelligence Platform, SonarQube and Qualys Web Application Scanning, whereas GitGuardian Public Monitoring is most compared with Snyk.

    See our list of best Application Security Tools vendors.

    We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.